server {
    server_name example.com;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/nginx/ssl/example.com.pem;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;

    ssl_protocols         TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers           HIGH:!aNULL:!MD5;

    access_log /var/log/nginx/example.com.access.log;
    error_log  /var/log/nginx/example.com.error.log error;

    location / {
        proxy_pass http://127.0.0.1:25500;
    }
}

server {
    if ($host = example.com) {
        return 301 https://$host$request_uri;
    }

    server_name example.com;
    listen 80;
    return 404;
}
